
CVE-2022-49780 – scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
https://notcve.org/view.php?id=CVE-2022-49780
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() needs to be freed. As the comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup(). The 'tl_hba' will be freed in tcm_loop_release_adapter(), so it do... • https://git.kernel.org/stable/c/3703b2c5d041a68095cdd22380c23ce27d449ad7 •

CVE-2022-49779 – kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
https://notcve.org/view.php?id=CVE-2022-49779
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have post_handler, the post_handler of the aggrprobe is cleared. If this is a ftrace-based probe, there is a problem. In later calls to disarm_kprobe(), we will use kprobe_ftrace_ops because post_handler is NULL. But we're armed with kprobe_... • https://git.kernel.org/stable/c/0bc11ed5ab60c135aa764a62c02cd5ea68289de4 •

CVE-2022-49778 – arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud
https://notcve.org/view.php?id=CVE-2022-49778
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check triggers BUG_ON() unexpectedly when collapsing a hugepage: ------------[ cut here ]------------ kernel BUG at mm/page_table_check.c:82! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 6 PID: 68 Comm: khugepaged Not tainted 6.1.0-rc3+ #750 Hardware name: linux,dummy-virt (DT) pstate: 60000005 ... • https://git.kernel.org/stable/c/42b2547137f5c974bb1bfd657c869fe96b96d86f •

CVE-2022-49777 – Input: i8042 - fix leaking of platform device on module removal
https://notcve.org/view.php?id=CVE-2022-49777
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by i8042_exit() on module unload. • https://git.kernel.org/stable/c/68fdb0499653a2519691e645fcb72944f6e1e220 •

CVE-2022-49776 – macvlan: enforce a consistent minimal mtu
https://notcve.org/view.php?id=CVE-2022-49776
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is brought up) $ ip link add macvlan1 link eno1 mtu 8 type macvlan # This should fail ! $ ip link sh dev macvlan1 5: macvlan1@eno1:

CVE-2022-49775 – tcp: cdg: allow tcp_cdg_release() to be called multiple times
https://notcve.org/view.php?id=CVE-2022-49775
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG, because it might trigger a double-free [1] Instead of fixing MPTCP, and future bugs, we can make tcp_disconnect() more resilient. [1] BUG: KASAN: double-free in slab_free mm/slub.c:3539 [inline] BUG: KASAN: double-free in kfree+0xe2... • https://git.kernel.org/stable/c/2b0a8c9eee81882fc0001ccf6d9af62cdc682f9e •

CVE-2022-49774 – KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()
https://notcve.org/view.php?id=CVE-2022-49774
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introduce new goto target instead. - Paolo] • https://git.kernel.org/stable/c/2fd6df2f2b47d4301b1ee0fe9d627d1c061a5988 •

CVE-2022-49773 – drm/amd/display: Fix optc2_configure warning on dcn314
https://notcve.org/view.php?id=CVE-2022-49773
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() + set additional registers not applicable to dcn314. It's not critical but when used leads to warning like: WARNING: drivers/gpu/drm/amd/amdgpu/../display/dc/dc_helper.c Call Trace:

CVE-2022-49772 – ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
https://notcve.org/view.php?id=CVE-2022-49772
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() snd_usbmidi_output_open() has a check of the NULL port with snd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened, but in reality, the NULL port may be seen when the device gives an invalid endpoint setup at the descriptor, hence the driver skips the allocation. That is, the check itself is valid and snd_BUG_ON() should be dropped from there. Otherwise it's conf... • https://git.kernel.org/stable/c/872c9314769e89d8bda74ff3ac584756a45ee752 •

CVE-2022-49771 – dm ioctl: fix misbehavior if list_versions races with module loading
https://notcve.org/view.php?id=CVE-2022-49771
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if list_versions races with module loading __list_versions will first estimate the required space using the "dm_target_iterate(list_version_get_needed, &needed)" call and then will fill the space using the "dm_target_iterate(list_version_get_info, &iter_info)" call. Each of these calls locks the targets using the "down_read(&_lock)" and "up_read(&_lock)" calls, however between the first and second "dm_target_iterat... • https://git.kernel.org/stable/c/0c8d4112df329bf3dfbf27693f918c3b08676538 •